FBI Warns US Companies about Iranian Hackers

Iranian hackers have searched cybercriminal websites for sensitive data stolen from American and foreign organizations that could be useful in future efforts to hack those organizations, said the FBI. (Getty Images)

Iranian hackers have searched cybercriminal websites for sensitive data stolen from American and foreign organizations that could be useful in future efforts to hack those organizations, the FBI said in an advisory sent to US companies obtained by CNN.

The Iranian hackers have taken an interest in dark-web forums, where scammers leak information on their victims such as stolen emails and network configurations, according to the November 8 advisory. The FBI is concerned that the Iranian hacking group could use that information to plot ways into US corporate networks in the future.

Organizations at risk are advised to take mitigation measures to block hacking attempts by securing Remote Desktop Protocol (RDP) servers, Web Application Firewalls, and Kentico CMS installations targeted by this adversary, said Bleeping Computer, a cybersecurity news outlet, which was the first to report on the FBI analysis.

"Among the Tactics, Techniques, and Procedures (TTPs) used in attacks by this threat actor since May 2021, the FBI mentions the use of auto-exploiter tools used to compromise WordPress sites to deploy web shells, breaching RDP servers and using them to maintain access to victims' networks."

It is unclear which Iranian hacking group is behind the activity. The FBI did not identify the hackers by name or say if they are linked to the Iranian government.

Adam Meyers, senior vice president of intelligence at security firm CrowdStrike, told CNN that Iranian government-linked hackers have increasingly dabbled in cybercriminal activity, such as ransomware, as a means of blurring the lines between state and non-state cyber operations.

"It is well within (Iranian groups') modus operandi to purchase access to networks held by a criminal group if it serves their interests," he added.

An unnamed Iranian hacking group used similar tools to steal voter registration data from state election sites between September and October 2020, according to Bleeping Computer.

"That voter info was later used to impersonate the far-right Proud Boys organization and send threatening emails to Democratic voters warning that they must vote for Trump or face the consequences."

"The FBI's Cyber Division also warned in a private industry notification issued last week that ransomware gangs have compromised the networks of several tribal-owned casinos, taking down their servers and disabling connected systems."

"The same week, the federal agency also alerted the public that criminals are increasingly using cryptocurrency ATMs and QR codes for fraud, making it harder for law enforcement to recover the victims' financial losses."



UN Nuclear Agency’s Board Condemns Iran for the 2nd Time this Year for Failing to Fully Cooperate

Secretary General of the International Atomic Energy Agency (IAEA) Rafael Mariano Grossi attends a press conference during an IAEA Board of Governors meeting at the IAEA headquarters of the United Nations seat in Vienna, Austria, 20 November 2024.  EPA/HEINZ-PETER BADER

The UN nuclear watchdog’s board on Thursday condemned Iran for failing to cooperate fully with the agency, the second time it has done so in just five months.
The International Atomic Energy Agency also called on Tehran to provide answers in a long-running investigation into uranium particles found at two locations that Tehran has failed to declare as nuclear sites.
Nineteen members of the IAEA board voted for the resolution, while Russia, China and Burkina Faso opposed it, and 12 abstained and one did not vote, according to diplomats who spoke on condition of anonymity to describe the outcome of the closed-doors vote.
The resolution was put forward by France, Germany and Britain, supported by the United States. It comes at a critical time, ahead of Donald Trump’s return to the White House.
Trump’s first term in office was marked by a particularly tense period with Iran, when the US president pursued a policy of “maximum pressure” against Tehran. In 2018, Trump unilaterally withdrew America from Iran’s nuclear deal with world powers, and imposed even harsher sanctions that have since hobbled Iran's economy further.
The resolution comes on the heels of a confidential report earlier this week in which the IAEA said Iran has defied international demands to rein in its nuclear program and has increased its stockpile of uranium enriched to near weapons-grade levels.
That report, seen by the AP on Tuesday, said that as of Oct. 26, Iran has accumulated 182.3 kilograms (401.9 pounds) of uranium enriched up to 60%, an increase of 17.6 kilograms (38.8 pounds) since the last IAEA report in August. Uranium enriched at 60% purity is just a short, technical step away from weapons-grade levels of 90%.
The resolution approved on Thursday requires the IAEA to now produce a “comprehensive and updated assessment” of Iran’s nuclear activities, which could eventually trigger a referral to the UN Security Council to consider more sanctions on Tehran.
In a joint statement issued after the approval of the resolution, the Atomic Energy Organization of Iran and the Iranian foreign ministry condemned the passing of the resolution, saying that Iran’s nuclear chief Mohammad Eslami has issued orders to launch new and advanced centrifuges, powerful machines that spin rapidly to enrich uranium.
In the past, the IAEA has named two locations near Tehran — Varamin and Turquzabad — where there have been traces of processed uranium, according to IAEA inspectors. Thursday’s resolution honed in on those locations, asking Tehran to provide “technically credible explanations” for the presence of the uranium particles at the sites.
The IAEA has urged Iran to also provide answers about the origin and current location of that nuclear material in order for it “to be in a position to provide assurance that Iran’s nuclear program is exclusively peaceful.”
Western officials suspect that the uranium traces discovered by the IAEA could provide evidence that Iran had a secret nuclear weapons program until at least 2003. Tehran insists its program is peaceful.
One of the sites became known publicly in 2018 after Israeli Prime Minister Benjamin Netanyahu revealed it at the United Nations and called it a clandestine nuclear warehouse hidden at a rug-cleaning plant.
Iran denied that, though IAEA inspectors later found the man-made uranium particles there.
While the number of sites about which the IAEA has questions has been reduced from four to two since 2019, lingering questions have been a persistent source of tensions.
On the subject of Varamin, the IAEA said that inspectors believe Iran used the site from 1999 until 2003 as a pilot project to process uranium ore and convert it into a gas form, which then can be enriched through spinning in a centrifuge. The IAEA said buildings at the site had been demolished in 2004.
Turquzabad, the second location, is where the IAEA believes Iran brought some of the material from Varamin amid the demolition, though it said that alone cannot “explain the presence of the multiple types of isotopically altered particles” found there.
Thursday’s resolution, before the 35-member board at the IAEA headquarters in Vienna, called on Tehran to explain the presence of the uranium particles at Varamin and Turquzabad, inform the UN nuclear watchdog about the current whereabouts of that nuclear material, and grant access to IAEA inspectors to all Iranian nuclear locations.
A draft of the resolution was seen by the AP.
Tehran continues to maintain that its nuclear program is solely for peaceful purposes and has told the IAEA that it has declared all of the nuclear material, activities and locations required under a so-called Safeguard Agreement it has with the IAEA.
Iranian officials have vowed to retaliate immediately if a resolution is passed. In the past, Tehran has responded to IAEA resolutions by stepping up its nuclear activities.
The resolution also requires IAEA director general Rafael Grossi to provide an updated assessment of Iran’s nuclear program — including the possible presence of undeclared nuclear material at the two locations — by spring 2025 at the latest.
The assessment could be a basis for possible further steps by European nations, diplomats said, leading to potential escalation in tensions between Iran and the West. It could also provide a basis for European countries to trigger sanctions against Iran ahead of October 2025, when the original 2015 Iran nuclear deal expires, the diplomats said.